package com.dongdongshop.shiro.config;

import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;
import java.util.Map;

@Configuration
public class ShiroConfig {
    //创建ShiroFilterFactoryBean
    @Bean
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Autowired DefaultWebSecurityManager defaultWebSecurityManager){
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        //设置安全管理器
        shiroFilterFactoryBean.setSecurityManager(defaultWebSecurityManager);
        //添加shiro内置过滤器
        /*  shiro内置过滤器，可以实现权限相关的拦截器
                常用的过滤器：
                    anon：无需认证（登录）就可以访问
                    authc：必须认证才可以访问
                    user：如果使用rememberMe的功能可以直接访问
                    perms：改资源必须得到资源权限才可以访问
                    role：改资源必须得到角色权限才可以访问
         */
        Map<String,String> filterMap = new LinkedHashMap<String, String>();
        filterMap.put("/static/**","anon");//放过静态资源
        //filterMap.put("/loginRegisterController/indexList","anon");//展示页面
        //filterMap.put("/loginRegisterController/registerList","anon");//注册页面
        //filterMap.put("/loginRegisterController/loginList","anon");//登录页面
        //filterMap.put("/loginRegisterController/getCode","anon");//获取验证码
        //filterMap.put("/loginRegisterController/register","anon");//注册操作
        //filterMap.put("/loginRegisterController/userLogin","anon");//登录操作
        //设置删除方法必须要有权限才能操作
        filterMap.put("/del","perms[delete]");
        //设置退出登录
        filterMap.put("/authc/logout","logout");
        //filterMap.put("/**","authc");

        //修改调整的登录页面
        shiroFilterFactoryBean.setLoginUrl("/loginRegisterController/indexList");
        //设置无权限访问页面
        shiroFilterFactoryBean.setUnauthorizedUrl("/unauthorizedList");


        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterMap);
        return shiroFilterFactoryBean;
    }
    //创建DefaultWebSecurityManager
    @Bean
    public DefaultWebSecurityManager getDefaultWebSecurityManager(@Autowired UserRealm userRealm){
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        //关联realm
        securityManager.setRealm(userRealm);
        return securityManager;
    }
    //创建Realm
    @Bean
    public UserRealm getRealm(@Autowired HashedCredentialsMatcher hashedCredentialsMatcher){
        UserRealm userRealm = new UserRealm();
        //设置加密
        userRealm.setCredentialsMatcher(hashedCredentialsMatcher);
        return userRealm;
    }

    //设置加密组件
    @Bean
    public HashedCredentialsMatcher getHashedCredentialsMatcher(){
        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
        //指定加密方式
        hashedCredentialsMatcher.setHashAlgorithmName("MD5");
        //指定加密次数
        hashedCredentialsMatcher.setHashIterations(10);
        //开启hex编码模式
        hashedCredentialsMatcher.setStoredCredentialsHexEncoded(true);
        return hashedCredentialsMatcher;

    }
}
